Sunday, 10 July 2011

Inter-VLAN Routing

In this chapter, you will learn about inter-VLAN routing and how it is used to permit devices on separate VLANs to communicate. Each VLAN is a unique broadcast domain, so computers on separate VLANs are, by default, not able to communicate. There is a way to permit these end stations to communicate; it is called inter-VLAN routing.

We define inter-VLAN routing as a process of forwarding network traffic from one VLAN to another VLAN using a router. VLANs are associated with unique IP subnets on the network. This subnet configuration facilitates the routing process in a multi-VLAN environment. When using a router to facilitate inter-VLAN routing, the router interfaces can be connected to separate VLANs. Devices on those VLANs send traffic through the router to reach other VLANs.


Traditionally, LAN routing has used routers with multiple physical interfaces. Each interface needed to be connected to a separate network and configured for a different subnet. In a traditional network that uses multiple VLANs to segment the network traffic into logical broadcast domains, routing is performed by connecting different physical router interfaces to different physical switch ports. The switch ports connect to the router in access mode, and each switch port is assigned to a different static VLAN. Each router interface can then accept traffic from the VLAN associated with the switch interface that it is connected to, and traffic can be routed to the other VLANs connected to the other interfaces.

Traditional inter-VLAN routing requires multiple physical interfaces on both the router and the switch. However, not all inter-VLAN routing configurations require multiple physical interfaces. Some router software permits configuring router interfaces as trunk links. "Router-on-a-stick" is a type of router configuration in which a single physical interface routes traffic between multiple VLANs on a network. A router is connected to switch S1 using a single physical network connection.

The router interface is configured to operate as a trunk link and is connected to a switch port configured in trunk mode. The router performs the inter-VLAN routing by accepting VLAN-tagged traffic on the trunk interface coming from the adjacent switch and internally routing between the VLANs using subinterfaces. The router then forwards the routed traffic, VLAN tagged for the destination VLAN, out the same physical interface.


Subinterfaces are multiple virtual interfaces associated with one physical interface. They are configured in software on the router, and each one is independently configured with an IP address and VLAN assignment to operate on a specific VLAN. Subinterfaces are configured for different subnets corresponding to their VLAN assignment to facilitate logical routing before the data frames are VLAN tagged and sent back out the physical interface.

Some switches can perform Layer 3 functions, replacing the need for dedicated routers to perform basic routing on a network. Multilayer switches are capable of performing inter-VLAN routing. To enable a multilayer switch to perform routing functions, VLAN interfaces on the switch need to be configured with the appropriate IP addresses that match the subnet that the VLAN is associated with on the network. The multilayer switch also must have IP routing enabled.

Interfaces and Subinterfaces

Traditional routing requires routers to have multiple physical interfaces to facilitate inter-VLAN routing. The router accomplishes the routing by having each of its physical interfaces connected to a unique VLAN. Each interface is also configured with an IP address for the subnet associated with the particular VLAN that it is connected to. By configuring the IP addresses on the physical interfaces, network devices connected to each of the VLANs can communicate with the router using the physical interface connected to the same VLAN. In this configuration, network devices can use the router as a gateway to access the devices connected to the other VLANs.

The routing process requires the source device to determine if the destination device is local or remote to the local subnet. The source device accomplishes this by comparing the source and destination addresses against the subnet mask. Once the destination address has been determined to be on a remote network, the source device has to identify where it needs to forward the packet to reach the destination device. The source device examines the local routing table to determine where it needs to send the data. Typically, devices use their default gateway as the destination for all traffic that needs to leave the local subnet. The default gateway is the route that the device uses when it has no other explicitly defined route to the destination network. The router interface on the local subnet acts as the default gateway for the sending device.



Traditional inter-VLAN routing using physical interfaces does have a limitation. As the number of VLANs increases on a network, the physical approach of having one router interface per VLAN quickly becomes hindered by the physical hardware limitations of a router. Routers have a limited number of physical interfaces that they can use to connect to different VLANs.


Subinterfaces are software-based virtual interfaces that are assigned to physical interfaces. Each subinterface is configured with its own IP address, subnet mask, and unique VLAN assignment, allowing a single physical interface to simultaneously be part of multiple logical networks. This is useful when performing inter-VLAN routing on networks with multiple VLANs and few router physical interfaces.

When configuring inter-VLAN routing using the router-on-a-stick model, the physical interface of the router must be connected to a trunk link on the adjacent switch. Subinterfaces are created for each unique VLAN/subnet on the network. Each subinterface is assigned an IP address specific to the subnet that it will be part of and configured to VLAN tag frames for the VLAN that the interface is to interact with. That way, the router can keep the traffic from each subinterface separated as it traverses the trunk link back to the switch.






Subinterface Configuration

Configuring router subinterfaces is similar to configuring physical interfaces, except that you need to create the subinterface and assign it to a VLAN.


Before assigning an IP address to a subinterface, the subinterface needs to be configured to operate on a specific VLAN using the encapsulation dot1q vlan_id command.

Unlike a typical physical interface, subinterfaces are not enabled with the no shutdown command at the subinterface configuration mode level of the Cisco IOS software. Instead, when the physical interface is enabled with the no shutdown command, all the configured subinterfaces are enabled. Likewise, if the physical interface is disabled, all subinterfaces are disabled.


Both physical interfaces and subinterfaces are used to perform inter-VLAN routing. There are advantages and disadvantages to each method.



Configure Inter-VLAN Routing

In this topic, you will learn how to configure a Cisco IOS router for inter-VLAN routing.





Each subinterface is created using the interface interface_id.subinterface_id global configuration mode command. In this example, the subinterface Fa0/0.10 is created using the interface fa0/0.10 global configuration mode command. After the subinterface has been created, the VLAN ID is assigned using the encapsulation dot1q vlan_id subinterface configuration mode command.

Next, assign the IP address for the subinterface using the ip address ip_address subnet_mask subinterface configuration mode command. In this example, subinterface Fa0/0.10 is assigned the IP address 172.17.10.1 using the ip address 172.17.10.1 255.255.255.0 command. You do not need to execute a no shutdown command at the subinterface level because it does not enable the physical interface.

Next, examine the routing table using the show ip route command from privileged EXEC mode.
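The steps above, put together as a complete router-on-a-stick session covering both the router and the switch side of the trunk. This is an added example, not part of the original post. Assumptions: the hostname R1, VLAN 30 with subnet 172.17.30.0/24, and switch port Fa0/5 are constructed for illustration; Fa0/0.10, 172.17.10.1 and switch S1 come from the text.

```cisco
! Added example. Constructed values: hostname R1, VLAN 30 and its subnet,
! and switch port Fa0/5. Fa0/0.10 and 172.17.10.1/24 come from the text.

! --- Router R1: one subinterface per VLAN on the physical trunk interface ---
R1# configure terminal
! The VLAN must be assigned with encapsulation dot1q before the IP address.
R1(config)# interface fa0/0.10
R1(config-subif)# encapsulation dot1q 10
R1(config-subif)# ip address 172.17.10.1 255.255.255.0
R1(config-subif)# interface fa0/0.30
R1(config-subif)# encapsulation dot1q 30
R1(config-subif)# ip address 172.17.30.1 255.255.255.0
! Enabling the physical interface enables every subinterface configured on it.
R1(config-subif)# interface fa0/0
R1(config-if)# no shutdown
R1(config-if)# end

! --- Switch S1: the port facing R1 must be in trunk mode ---
S1# configure terminal
S1(config)# interface fa0/5
S1(config-if)# switchport mode trunk
! By default a trunk carries all VLANs; allow only the ones R1 routes.
S1(config-if)# switchport trunk allowed vlan 10,30
S1(config-if)# end
S1# show interfaces trunk

! --- Verify on R1: each VLAN subnet should appear as directly connected ---
R1# show ip route
R1# show interfaces fa0/0.10
```

Hosts in each VLAN use the matching subinterface address (for example 172.17.10.1 for VLAN 10) as their default gateway.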
